New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid disruption to original web/API server #1

Open

dingp opened this issue May 13, 2024 · 1 comment

Owner

dingp commented May 13, 2024

The current design requires a temporary change of the ingress when renewing the certificate.

This will disrupt the service provided by the web/API server.

To avoid this disruption, possible improvement could be:

create a .well-known subdirectory in the webroot PV;
change the .well-known to be the dummy web server's working directory (web root);
Instead of rewriting the ingress to point the / prefix to the dummy web server, appending a rule for /.well-known to be directed to the dummy web server;

The text was updated successfully, but these errors were encountered:

Owner Author

dingp commented May 14, 2024

Support for installing the chart into namespaces w/wo existing ingress rules:

install the initial ingress if not existing;
A second ingress template only applies when ingress if found;
the second ingress template will modify the existing ingress, and add the /.well-known rule.

With this feature in place, the script to obtain certificate does not need to have the logic of preserving exiting ingress rule.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment